By: Teemu Kääriäinen user 30 May 2016 at 5:48 a.m. CDT

2 Responses
Teemu Kääriäinen gravatar
1) Gluu authorization endpoint is requested with following kind of URL: ``` https://********/oxauth/seam/resource/restv1/oxauth/authorize?response_type=code&client_id=********&redirect_uri=********&scope=openid profile profile&state=test&nonce=9dcb5578-a806-4824-b3fe-19a580655843 ``` 2) User logs in and consent page is shown. 3) After clicking allow, following stacktrace is shown: ``` Connection exception (Error adding object to directory. LDAP error number 20: The provided LDAP attribute oxAuthScope contains duplicate values) org.gluu.site.ldap.OperationsFacade.addEntry(OperationsFacade.java:338) org.gluu.site.ldap.persistence.LdapEntryManager.persist(LdapEntryManager.java:108) org.gluu.site.ldap.persistence.AbstractEntryManager.persist(AbstractEntryManager.java:100) org.xdi.oxauth.service.ClientAuthorizationsService.add(ClientAuthorizationsService.java:85) ``` The problem resides in the org.xdi.oxauth.service.ClientAuthorizationsService which allows duplicate values in the scopes parameter (uses list). When updating the client authorizations, this problem does not exist because it uses a set to persist the scopes.

By Yuriy Zabrovarnyy staff 30 May 2016 at 5:56 a.m. CDT

Yuriy Zabrovarnyy gravatar
Opened issue for it https://github.com/GluuFederation/oxAuth/issues/232

By Yuriy Zabrovarnyy staff 30 May 2016 at 6:09 a.m. CDT

Yuriy Zabrovarnyy gravatar
Fixed, it will available in 2.4.4 version.